Irish tech leaders believe national cyber security strategy not fit for purpose
A staggering 91% of IT leaders believe Ireland’s national cybersecurity strategy is not fit for purpose according to the latest TechBeat survey in association with Paradyn.
The survey of 105 IT decision makers found that the recent attack on the HSE has had a profound effect on how businesses are viewing threats such as ransomware. Some 88% of company boards and leadership teams are more worried about ransomware attacks since the HSE disruption. Moreover, 97% of tech leaders believe more high-profile public services bodies will fall victim to attacks of a similar nature over the coming year.
In terms of the biggest perceived cybersecurity threats, ransomware (89%) featured highest, followed by phishing (69%) and malware (64%). In addition, one quarter of those surveyed believe the Dark Web is one of their biggest security concerns.
When asked if their organisations had experienced any cybersecurity attacks in the past year, 59% of Irish companies have had a phishing attack, 57% a malware attack and 35% by spear phishing – an attempt to steal confidential financial data by targeting individuals, often senior management.
Despite the inherent fears and vulnerabilities exposed by the survey, more than half of IT leaders (52%) admitted that employees in their companies access or store company data on unsecured personal devices, while only 29% believe they have a cybersecurity strategy that delivers a high level of protection.
The survey also revealed which sectors are seen to be the best and worst equipped to deal with cybercrime. The three sectors which are deemed to be well or very well protected are financial services (96%), professional services (85%) and pharma (80%). Conversely, the three sectors that are seen to be not well protected are construction (86%), hospitality and tourism (77%) and education (67%).
Cillian McCarthy, chief executive officer, Paradyn said: “The HSE attack significantly disrupted Ireland’s healthcare system and caused severe service interruptions for healthcare workers and citizens. Worryingly, the overwhelming majority of technology leaders believe more attacks on other public sector organisations are imminent. In addition to this, most also believe that our national cybersecurity strategy is not capable of meeting these growing threats.
“It’s imperative that all those responsible for securing government, business and citizen data take a more holistic and joined up approach, or further widescale disruption is inevitable in Ireland. There are globally recognised security frameworks, such as CIS Controls, which have proven highly effective at blocking or mitigating security attacks. We would strongly recommend that organisations here adhere to international best practices so that we’re not seen as a weaker link by cybercriminals.
“One other survey finding that jumped out is that two thirds of respondents within the education sector believe they are not well prepared to combat cybercrime. With students now returning to schools and colleges across the country, we need to ensure the highest levels of cybersecurity in this sector too.”